The certificates issued to .admin users for the purposes of code signing expire one year from the date of their issuance. In order to continue using your certificate, you must periodically renew it. If you log on interactively using your .admin account, you should see a notification in the notification area that tells you that you have a certificate expiring soon – these notifications appear approximately one month before the date of expiration. Renewing takes only a few minutes, and can be done at any computer where your .admin account is in the Users or Administrators group. You will also need the password you use for the certificate that you type in when you sign code.
The steps are as follows:
- Log in interactively using your .admin account. This can be done either at the console of a computer, or via Remote Desktop.
- Go to Start > Run and enter “mmc” into the Run box. Press Enter.
- Go to the File menu and select Add/Remove Snap-in.
- Locate the “Certificates” snap-in entry under the list of “Available snap-ins” and select it. Click the “Add >” button.
- Ensure that the “My user account” option is checked when prompted and click Finish.
- Click Ok.
- Locate your personal .admin certificate by browsing down the tree as follows: Console Root > Certificates – Current User > Personal > Certificates.
- Click the Certificates entry, and verify that your .admin certificate shows up in the right-hand pane.
- Right-click your certificate, select All Tasks, and decide how you want to proceed:
- If you want to change the password you use for this certificate, select “Renew Certificate with New Key…”
- If you want to keep the same password used with this certificate, select Advanced Operations> “Renew This Certificate with the Same Key…”
- Follow the instructions given to you in the Certificate Enrollment wizard.
Once the wizard is completed, your certificate’s expiration date will be extended to one year from the date that you requested the renewal.